The economic impacts along with the epidemiological aspects of the COVID-19 pandemic will reshape the outlook for the insurance industry over the next three to five years.
Insurance companies will need to adapt their overall operating models, incorporating the effects of the virus to continue to achieve their strategic objectives and goals. These effects will include elevated operational risks like cyber threats related to new remote work environments for employees.
The Own Risk and Solvency Assessment (ORSA) process provides the framework for insurance companies to understand, evaluate and quantify their risk profile. It is inevitable that the ORSA will form a major part of the backdrop to work in 2020 and likely further into the future.
In this paper, Milliman’s Ian Penfold, Sophie Smyth and George Barrett discuss how insurers can explore their future exposures to COVID-19 through their ORSA.
In March, the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) hosted the first meeting of the jointly established Climate Financial Risk Forum (CFRF). The CFRF was established to build capacity and share best practice across financial regulators and the industry to advance financial sector responses to the financial risks from climate change.
The CFRF produced a guide to help firms understand the risks that arise from climate change and to provide support on how to integrate these risks into strategy and decision-making processes. The CFRF emphasises the importance of greater transparency and consistency regarding firms’ disclosures of climate-related financial risks, the benefits of effective risk management and scenario analysis and the opportunities for innovation in the interest of consumers.
The forum set up four working groups to explore the risks that climate change poses in each of these areas and developed practical guidance. In this paper, Milliman’s Amy Nicholson and Sophie Smyth summarise the key guidance from each of these four working groups.
Advances in technology have enabled insurers to operate in a dynamic digital world. However, a reliance on technology, cloud-based platforms, outsourcing, and remote working increases a firm’s vulnerability to operational risks. This interconnected system allows risks to spread and increases exposure to single points of failure. This environment has caused a surge in the number of cyberattacks.
As a response, operational resilience has become a focal point for regulators in Europe. Multiple regulatory and industry bodies have recently released discussion and consultation papers on the topic. Operational resilience refers to the ability of firms to prevent, respond, recover and learn from operational disruptions.
In this paper, Milliman consultants discuss the regulatory landscape related to the issue. They also offer several steps firms can take to improve their operational resilience.